Nadra data leak

A standing committee of the National Assembly has been told that the data of 2.7 million Pakistanis has been stolen from the servers of the National Database and Registration Authority. Although the breach is not recent and occurred more than a year ago, it still raises questions about the safety of data stored in government-run servers.

The breach exposed names, addresses and other crucial identity details. NADRA manages the civil records of all Pakistani nationals, and such a breach can have far-reaching consequences. Reportedly, the data was later available on the dark web and was up for sale.

Not only is this an invasion of privacy, but a matter of concern for national security. It is imperative that government-run institutions strengthen their cybersecurity protocols and thoroughly vet those with access to such records as some employees of the authority were also involved in the data theft.

The government must urgently invest in strengthening its cybersecurity framework to ensure the protection and privacy of the data it holds. Better encryption protocols must be implemented to protect sensitive data stored in government databases.

While NADRA has made strides in digitising records, those records should be encrypted in a way that makes them inaccessible even in the event of a data breach. This would act as a deterrent to hackers, making it far more difficult to exploit stolen information.

There is also a need for enhancing cybersecurity awareness and training for employees working in sensitive government departments. Often, breaches occur due to human error, such as phishing or other social engineering attacks.

Regular training on safe practices, recognising suspicious activity and adhering to cybersecurity protocols would help reduce the risk of breaches in the future. Pakistan's cybersecurity infrastructure must evolve considering the sophistication of cyber threats.